Hello. I am splitting up a 10.0.0.0/20 network and need to know:
A.) Will the below configuration work?
B.) If so, what do I need to do if anything to the ISR 2921 router to make this happen?
C.) How about in a location without a router that I can configure. (Vendor owned)
D.) DHCP configuration possible across subnets (i.e.: Wired 10.0.4.0/23 / Wireless 10.0.6.0/23)
|Allocated Size||Address||Mask||Dec Mask||Assignable Range||Broadcast|
|1022||10.0.0.0||/22||255.255.252.0||10.0.0.1 - 10.0.3.254||10.0.3.255|
|510||10.0.4.0||/23||255.255.254.0||10.0.4.1 - 10.0.5.254||10.0.5.255|
|510||10.0.6.0||/23||255.255.254.0||10.0.6.1 - 10.0.7.254||10.0.7.255|
|510||10.0.8.0||/23||255.255.254.0||10.0.8.1 - 10.0.9.254||10.0.9.255|
|510||10.0.10.0||/23||255.255.254.0||10.0.10.1 - 10.0.11.254||10.0.11.255|
|510||10.0.12.0||/23||255.255.254.0||10.0.12.1 - 10.0.13.254||10.0.13.255|
|254||10.0.14.0||/24||255.255.255.0||10.0.14.1 - 10.0.14.254||10.0.14.255|
|254||10.0.15.0||/24||255.255.255.0||10.0.15.1 - 10.0.15.254|
Any help you can provide would be great. The current network comprises the /20 spectrum, but we need to get a better handle on what devices are where (with VLANs) and breakup the large broadcast domain that a /20 creates.I haven't had to work with CIDR and what I've gathered sofar I've put into the table above.
Thanks in advance,
What you've got there looks pretty fine. The below configuration will work. A few things you have to take into consideration however.
If you're routing between those VLANs pretty heavily, eg one is a server VLAN and the other is a client VLAN then the 2921 probably won't cut it. A layer 3 switch will probably be a better fit.. 3560, 3750, 4500, 6500, nexus..
B) on the ISR 2921 (which will strain with a lot of throughput), I'd connect the router to a VLAN aware switch and configured the router's interface into sub interfaces, one for each VLAN and each with the default gateway for it's VLAN.
The switch then needs to be configured to accept the connection from the router by using a trunk port and it also needs to understand the VLANs you've created.
C) step up to the plate.
d) yes, an IP helper on each of the sub interfaces pointing to the DHCP server.
We actually have started rolling out the C3750X-IPBase switches into the network. So on the 3750X's we would need to enable ip routing for each VLAN on the switch, and configure the DHCP scopes to reflect these IP's as the gateways? , or configure the ISR itself to handle the routing via the sub interfaces? Then we would configure each scope on the MSFT DHCP server to allow for those clients to request IP's for their correct network? The ISR and all of the switches are already enabled for Dot1q, and do have sub interfaces to reflect the current VLAN structure that we have in place.
Is this something that can be conducted in phases?
i.e. Can I convert parts of the /20 to /23 or /24 in parts, or will the whole network need to be configured at once?
Currently only the 10.0.0.0-10.0.2.255 range is actually in use.
As far as the DHCP goes if you choose to use the 3750s as gateways, you will need to configure an ip helper-address on each SVI (switched vlan interface) to direct the DHCP request traffic from your endpoints as unicast to your MSFT DHCP server.
ip address 10.1.1.1 255.255.255.0
ip helper address 192.168.10.35 <----Your MSFT DHCP server
You don't have to let the ISR route between the vlans. As far as the networks, I would recommend segmenting your network thoroughly ahead of time. If you want to combine or break up any of you /20 or /24 networks. You will have to reconfigure your existing overlapping vlans and DHCP scope subnet masks as well as reassign leases to your hosts. Just seems like too much work to do later on for something that you can do now.
Message was edited by: Antonio Knox